Техническая информация
- %WINDIR%\Tasks\At3.job
- %WINDIR%\Tasks\At4.job
- %WINDIR%\Tasks\At1.job
- %WINDIR%\Tasks\At2.job
- [<HKLM>\SYSTEM\ControlSet001\Services\Schedule] 'Start' = '00000002'
- <SYSTEM32>\attrib.exe +s +h <SYSTEM32>\ie.exe
- <SYSTEM32>\at.exe 17:30 /interactive <SYSTEM32>\ie.exe
- <SYSTEM32>\at.exe 14:00 /interactive <SYSTEM32>\ie.exe
- <SYSTEM32>\at.exe 11:30 /interactive <SYSTEM32>\ie.exe
- <SYSTEM32>\at.exe 08:00 /interactive <SYSTEM32>\ie.exe
- <SYSTEM32>\at.exe 20:30 /interactive <SYSTEM32>\ie.exe
- <SYSTEM32>\sc.exe config Schedule start= auto
- <SYSTEM32>\net1.exe start Schedule
- <SYSTEM32>\at.exe /delete /yes
- <SYSTEM32>\at.exe 22:30 /interactive <SYSTEM32>\ie.exe
- <SYSTEM32>\ie.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\laiplay[1]
- C:\ll.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ll[1].exe
- <SYSTEM32>\ie.exe
- %WINDIR%\Tasks\At2.job
- %WINDIR%\Tasks\At1.job
- C:\ll.exe
- 'localhost':1039
- 'www.la##lay.net':80
- 'localhost':1036
- '99##u.org':80
- www.la##lay.net/
- 99##u.org/ll.exe
- DNS ASK www.la##lay.net
- DNS ASK 99##u.org
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''